Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bz354vXrYYGLNDaeYNRXgkIYhmg.roa
File: bz354vXrYYGLNDaeYNRXgkIYhmg.roa (raw, json)
Hash identifier: OgLMsRruH35viSJi9ZiAjlrZWAY/0aSMw9S6qZ4dvdk=
Subject key identifier: 6F:3D:F9:E2:F5:EB:61:81:8B:34:36:9E:60:D4:57:82:42:18:86:68
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01986BC725A6CB95E1DE255E9E238274C92E
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bz354vXrYYGLNDaeYNRXgkIYhmg.roa
Signing time: Sat 02 Aug 2025 17:14:30 +0000
ROA not before: Sat 02 Aug 2025 17:14:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 31.56.154.0/24 maxlen: 24
31.56.158.0/24 maxlen: 24
31.56.159.0/24 maxlen: 24
31.56.168.0/24 maxlen: 24
31.56.169.0/24 maxlen: 24
31.56.170.0/24 maxlen: 24
31.56.171.0/24 maxlen: 24
31.56.174.0/24 maxlen: 24
31.56.175.0/24 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.212.0/22 maxlen: 24
217.60.0.0/21 maxlen: 24
217.60.0.0/24 maxlen: 24
217.60.1.0/24 maxlen: 24
217.60.2.0/24 maxlen: 24
217.60.4.0/24 maxlen: 24
217.60.5.0/24 maxlen: 24
217.60.6.0/24 maxlen: 24
217.60.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:6b:c7:25:a6:cb:95:e1:de:25:5e:9e:23:82:74:c9:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Aug 2 17:14:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f3df9e2f5eb61818b34369e60d4578242188668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:90:29:e0:b1:03:32:ba:6e:13:4d:77:42:9c:
c1:ec:e4:79:1d:db:3c:d0:c4:5b:98:92:26:34:ac:
6f:7e:e3:6e:4b:86:bc:7a:c1:ce:c3:3c:d9:e7:45:
d0:c9:b4:1b:02:80:70:c2:b4:09:11:da:9a:bb:79:
4b:6b:20:8c:8b:14:50:88:f5:33:d5:50:f0:fc:97:
98:aa:16:c0:fe:96:d2:5a:90:b2:ec:b5:a9:69:02:
e7:4a:fd:da:9e:32:18:e5:c5:b5:8e:e9:a1:e8:99:
50:d3:41:a1:f1:b7:73:87:8d:21:bd:27:b2:9b:e3:
b8:27:c0:97:16:4e:46:e3:ec:a1:65:f2:90:01:e2:
fb:11:c7:93:f2:44:38:19:03:11:49:d4:6a:7a:fb:
da:36:e7:57:df:db:83:a4:46:71:dd:3a:57:bb:0c:
bd:45:05:78:e1:fb:e5:52:60:68:b2:b5:f1:76:36:
9c:44:a3:6f:e1:a2:bc:de:7a:1e:95:b0:85:e5:e6:
c1:bf:d2:f7:77:62:49:3c:73:4d:c2:71:ed:c7:be:
30:86:b7:ed:05:53:c2:22:74:67:82:80:2f:e4:b9:
c6:1f:55:e3:ef:19:69:44:9f:37:e7:e3:62:df:7d:
06:dc:c4:d7:e7:89:d4:29:63:04:dc:85:5b:cc:f4:
a0:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:3D:F9:E2:F5:EB:61:81:8B:34:36:9E:60:D4:57:82:42:18:86:68
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bz354vXrYYGLNDaeYNRXgkIYhmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.154.0/24
31.56.158.0/23
31.56.168.0/22
31.56.174.0/23
31.58.34.0/23
31.58.212.0/22
217.60.0.0/21
217.60.188.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:05:dd:a8:45:18:fd:e9:78:39:60:1d:4c:b4:00:63:f5:31:
28:22:68:46:bb:08:5f:10:07:08:e4:e7:05:55:2d:b0:b1:da:
38:9f:47:33:5e:da:71:3f:98:df:96:0b:9e:0a:11:64:4f:08:
63:65:d8:d9:af:73:ec:56:12:35:31:0c:ba:62:4a:41:29:98:
d4:f5:8f:29:db:7a:52:7f:69:00:ee:54:05:3a:84:2f:20:3c:
17:95:78:54:56:25:2e:da:ce:37:57:a9:f5:91:30:7f:29:19:
2c:65:3c:e6:58:77:a4:a6:0d:ba:b3:72:d8:b0:e2:d4:da:d3:
4e:01:71:39:87:0d:50:2f:d8:de:df:d2:78:80:b7:57:de:b8:
c5:06:78:be:19:8c:b6:bd:21:9a:cc:40:d7:b4:22:79:c0:27:
fe:c8:28:b3:7d:15:f1:10:f3:d0:6c:8f:bf:56:5e:af:3d:ec:
b2:43:9b:90:f3:b7:b0:0e:0a:c9:03:98:20:95:48:fc:54:b6:
20:8b:e6:e6:40:e9:4a:de:a6:8a:a7:d1:b2:de:fc:70:0a:48:
dc:83:ca:de:74:2a:96:66:a0:37:24:71:92:d8:bc:5d:9b:31:
a2:a3:68:77:84:2c:9d:fe:90:5a:5d:58:78:40:8e:0d:b4:ed:
b8:28:c1:59
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZhrxyWmy5Xh3iVeniOCdMkuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwODAyMTcxNDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjNkZjllMmY1ZWI2MTgxOGIzNDM2OWU2MGQ0NTc4MjQyMTg4NjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0pAp4LEDMrpuE013QpzB7OR5Hds8
0MRbmJImNKxvfuNuS4a8esHOwzzZ50XQybQbAoBwwrQJEdqau3lLayCMixRQiPUz
1VDw/JeYqhbA/pbSWpCy7LWpaQLnSv3anjIY5cW1jumh6JlQ00Gh8bdzh40hvSey
m+O4J8CXFk5G4+yhZfKQAeL7EceT8kQ4GQMRSdRqevvaNudX39uDpEZx3TpXuwy9
RQV44fvlUmBosrXxdjacRKNv4aK83noelbCF5ebBv9L3d2JJPHNNwnHtx74whrft
BVPCInRngoAv5LnGH1Xj7xlpRJ835+Ni330G3MTX54nUKWME3IVbzPSgfQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFG89+eL162GBizQ2nmDUV4JCGIZoMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvYnozNTR2WHJZWUdMTkRhZVlOUlhna0lZaG1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAHziaAwQB
HzieAwQCHzioAwQBHziuAwQBHzoiAwQCHzrUAwQD2TwAAwQC2Ty8MA0GCSqGSIb3
DQEBCwUAA4IBAQCaBd2oRRj96Xg5YB1MtABj9TEoImhGuwhfEAcI5OcFVS2wsdo4
n0czXtpxP5jflgueChFkTwhjZdjZr3PsVhI1MQy6YkpBKZjU9Y8p23pSf2kA7lQF
OoQvIDwXlXhUViUu2s43V6n1kTB/KRksZTzmWHekpg26s3LYsOLU2tNOAXE5hw1Q
L9je39J4gLdX3rjFBni+GYy2vSGazEDXtCJ5wCf+yCizfRXxEPPQbI+/Vl6vPeyy
Q5uQ87ewDgrJA5gglUj8VLYgi+bmQOlK3qaKp9Gy3vxwCkjcg8redCqWZqA3JHGS
2LxdmzGio2h3hCyd/pBaXVh4QI4NtO24KMFZ
-----END CERTIFICATE-----
Generated at Sat Aug 9 23:19:35 2025 by rpki-client